Microsoft Application Virtualization

Training by

Chandu Nalluri

Primaccess Technologies

Hyderabad-38

Questions:-

1. Current Infrastructure 1. Packaging tools used 2. Deployment tools 3. Testing mechanism 4. RCM reporting (Conflict management tool) 5. Images

2. Problems encountered in the existing

infrastructure

3. Your exposure in Application Virtualization.

http://www.app-v.in

Application Management Lifecycle

What are the problems that we are encountering with application management Lifecycle?

Packaging / Deployment: is the initial process that organizations take to install their applications onto the client machines. As we are installing application locally there are lot of problems associated with it like

Conflicts b/w applications Regression testing Multi-platform packaging Even after all this we are not sure that our application will work perfectly. Not a clean desktop

Updates: are a natural and necessary process in the application management lifecycle.

Regular revisions Service packs / Hot fixes Even for simple upgrade we need to follow all the steps above.

Cont

Support: supporting entire range of applications in an enterprise can be a difficult task

Help desk calls

Licensing issues

Application conflicts

Termination/ uninstall: While uninstalling generally some orphan files, registry keys, database connections will be left behind, which might be the cause for application failure or conflicts.

What are the problems that we are encountering with application management Lifecycle?

Overview of MDOP Components

1. MDOP Components Disaster and recovery tool kit (DART)

Application Virtualization (App-V)

Asset Inventory Services (AIS)

Desktop Error Monitoring (DEM)

Advanced Group Policy Management

(AGPM)

Microsoft Enterprise Desktop Virtualization (MED-V)

http://www.app-v.in

Course Contents

1. INTRODUCTION TO App-V

2. App-V ARCHITECTURE

3. SERVER PLANNING AND INSTALLATION

4. CLIENT PLANNING AND INSTALLATION

5. ADMINISTRATION

6. ADVANCED ADMINISTRATION

7. SEQUENCER PLANNING & INSTALLATION

8. SEQUENCING

9. TROUBLESHOOTING

10. Best Practices http://www.app-v.in

How App-V Works?

App-V transforms application into virtual application services that are now available on demand over the network.

Simply assign an application to the user as soon as the user logs-in and he has his application readily available.

Virtual application doesnt put application files, registry settings, fonts, COM objects database settings, INI files into the operating system where conflicts can occur. Instead they are made to run within its own virtual environment.

We can also enforce authorization & authentication & licensing with the application inside the App-V system.

The App-V Movie

What is Application Virtualization?

Abstraction of Application and dependencies from OS

Virtual environment created

Reduced impact to application and operating system

Remove application to application conflicts

All Phases

Management

Delivery

Launch

Application Virtualization Definition

Application virtualization is the run-time abstraction and isolation of an application's dependencies from the operating system, resulting in local resource utilization without changing or appearing to change the host operating system. Application Virtualization capabilities must consist of the following:- Component redirection Redirection of application calls at run-time from local OS locations to alternate locations

Component isolation Application components are isolated so different revisions of registry entries objects or files will not write to the same location

Name space coexistence at run-time The name space of each object is redirected in the context of the virtual process ensuring that the application access the proper

version of a named object (COM/DCOM objects, etc.)

Microsoft's Approach to Application Virtualization

Microsoft App-V application virtualization offers all three requirements: Application Component isolation App-V isolates each component (File, registry, Named object) in a unique run-time memory location Application Component Redirection App-V redirects the application run-time calls to the proper alternate memory location

Application component Name Space Coexistence App-V redirects the application call to proper object name and version so the response is correct Example : Excel XP Makes a COM call to EXCEL.Open.DOC. Excel XP Responds Excel 2003 makes a COM call to EXCEL.OPEN.DOC, Excel 2003 responds

Deployment using App-V

No Installs

No Conflicts

No Wasting Resources

Pre-configurations of applications

Never allowed to install or modify local file system or local registry.

Cont

Deployment using App-V continued

When an application is App-V Enabled it is made to run inside of its own virtual environment.

The process of creating Virtual Environment (SystemGuard) is known

as Sequencing.

App-V enabled applications will use local system resources and streamed into local cache and run.

We can eliminate the need for regression testing as the virtual application will be isolated from any other applications. Weather it is locally installed or sequenced application.

Updates using App-V

Updates happen centrally and occur at only one time. Update process is very simple.

Replace with updated package on the server.

Active Upgrade seamlessly upgrade a package without requiring

App-V servers to shutdown or users to disconnect. (This feature was not there before version 4.0)

Cont

Support Calls

App-V platform can solve many support related issues

Because applications are running in its own protected SystemGuard

users cannot delete / modify application files and make the application unstable.

Reduce calls related to licensing as this is centrally managed by App-V server.

Termination / Uninstall

For termination / Uninstalling we need to deactivate or remove the retired application centrally from the App-V Management console.

Users will subsequently have the application removed from their desktop

Previously cached data blocks of the application will be removed as needed.

As we have not installed anything on the local machine we dont have worry about anything.

App-V Benefits

Eliminate application conflicts through application isolation. Each App-V Enabled Application or suite of applications inside of its

own Virtual Environment (SystemGuard) allowing it to remain free from conflicts with other applications.

This is accomplished with the sequencer creating a package for that App-V Enabled Application.

Run same application different versions on same PC Sometimes we need to run different versions side by side on the

same physical device Because of some legacy applications. Because of virtual environment each version of application will be

unaware that any other version of application is currently running on the same client machine.

Cont

App-V Benefits

Deliver pre configured applications During the installation phase of sequencing we should know the

application thoroughly i.e., we should know the entire functionality of the application we are sequencing what normally user uses.

Like default configurations ex: In internet explorer, connection settings, default home page, cookies, security, Auto complete, Feeds, Add-ins and advanced settings. All these can be configurations will be stored in App-V enabled applications package.

Preservation of applications source code Sequencer monitors the application at the kernel level as it is

performing its natural installation one time and bundles everything into virtual environment.

The integrity and full functionality of that vendors application is maintained.

Centrally Mange applications with the help of App-V Management Console.

Cont

App-V Benefits

Minimize significant application compatibility testing, scripting, Multi-platform packaging, and significant regression testing

Run real time usage reports

Get report on application usage i.e., who is using what, when where etc

Enable device roaming With all these benefits enterprises have experiencing tremendous

savings with App-V products i.e. 80% reduction in application management, 30% reduction in help desk costs and enable multi fold increase in user up-time.

App-V Limitations

Extensive Knowledge of applications to be App-V enabled Good knowledge of application usage Pre-requisites Testing the application Configuring the application

Items that cannot be Sequenced at this time

Boot time applications cannot be sequenced they would expect to fire off before the App-V client.

Drivers: will likely to conflict with other running instances. Certain types of services: Services that use system resources

cannot be virtualized.

We cannot use App-V enabled application If our desktops are older than windows 2000 such as Windows 9X, NT, Linux, Macintosh or Windows ME

App-V Environment

The App-V Environment consists of the following components:-

MS App-V Sequencer: used to convert applications to Virtualized apps

MS App-V Virtualization server : used for publishing applications

The App-V Management console

The App-V Management web service

The App-V Data store

Active directory: for deploying applications.

MS App-V Client: for delivering virtual applications to users.

Cont..

App-V Environment

App-V Sequencer

App-V Enabled Applications are delivered to the App-V Clients using these Files, eliminating the need to install the applications onto the clients computer.

App-V Management Console

Demo on App-V Management Console

App-V Management web service

The App-V Management web service is a service that acts as an intermediary b/w the App-V management console and App-V Data store

Once the App-V management console is launched by an administrator it will Connect to SG Web service. The SGMWS will then attempt to authorize the user As being part of the App-V Administrators group by accessing the active directory Domain account. Once that user is authorized the SGMWS will access the SGDS and present the Data stored in this database to the App-V Management Console for the Administrator to manipulate.

App-V Data Store

All App-V deployments utilize a central database to store all of the necessary Information for the App-V environment.

All application records Application Licensing Logging information App-V Server Configuration Reporting are stored in this data store.

App-V Launch Process

The App-V Launch process:- On-demand application delivery is simple for the administrator and

seamless for the end user: 1. An administrator assigns end users access to an application. A

shortcut icon to the application then automatically appears on the App-V client desktop of each end user.

2. By clicking on the shortcut, the user issues a request from the App-V client to the App-V Server, which authenticates and authorizes the user to run the application based on license assignment and access rights.

3. After authentication is successful, the App-V client "pulls" components of the application to the Windows desktop or Terminal Services server. Once enough code has been cached, the application will launch and the user can begin interaction. The application runs locally within the application virtualization environment.

App-V Client Launch

1. Upon system logon the user will go through the typical windows authentication as prescribed by Microsoft.

2. The App-V client service starts and captures the token and passes it to the clients pre configured App-V Server.

3. The App-V Server gets the Group Information from the application records in the Data Store for each application.

4. The App-V Server uses the standard Windows Security API to

determine if the user belongs to any of the groups for each application 5. The App-V server delivers the location of the .ICO files and the .OSD

files for the client to retrieve to their desktop and the OSD cache for those applications that the individual user has permissions to.

On Demand Delivery

1. On Demand Delivery is a feature of the App-V platform that will only stream the blocks of data that make up the App-V enabled application when the user requests. Until such time no application code is delivered to the client by default.

2. FB1:- The entire contents of the .SFT file are not delivered at the initial Launch. Only 20 40% of the application is enough to the launch the application which is called as Minimal Launch Threshold or Feature Block 1.

3. Sequence engineer has to ensure that the proper components of an application are contained within the FB1.

4. Any component that is not a part of FB1 will remain on the App-V server as FB2.

Cont..

On Demand Delivery

All blocks of data that make up the .SFT file in FB1 and FB2 are streamed to the client machine and cached into the local file system cache called SFTFS.FSD.

User Customized Configurations are stored in the Users profile directory of c:\documents and settings\username\application data\App-V client\package root +GUID\UsrVol_sftfs_v1.pkg

When User exits the application all of the blocks of data that had been streamed to the client will be saved into the file system cache, SFTFS.FSD.

SystemGuard

The App-V Platforms heart is SystemGuard, a patented technology which enables applications to run without installing them locallyand without altering the clients operating system. SystemGuard eliminates common application deployment and management problems: Application Conflicts: Almost any application will run on any client at any time. Version Incompatibilities: Different versions of the same application will run simultaneously on the same computer.

Cont..

System Guard

Multi-User Access: Applications that were previously unable to run in multi-user mode and therefore could not run within Citrix MetaFrame or Windows Terminal Services, will now do so and function correctly for multiple users.

Multi-Tenancy Issues: Instances of the same application using different database paths will run on the same computer at the same time.

Server Siloing and N-Way Regression Testing: The need for

many separate server farms and time-intensive regression testing for application conflicts is eliminated.

App-V Data Store

App-V data store is responsible to store, track and supply all the necessary for the system to run.

This information includes Provider Polices, Server Groups, Server Configuration and Account Authorities.

It also stores information about the assets managed by the App-V Platform. This includes Applications, Access Permissions, File Associations, and Licensing.

The Data Store may also store usage information, to be used for reporting.

The Data Store MSDE: Microsoft SQL Server 2000 Desktop Engine

SQL: Microsoft SQL Server 2000 or 2005

Question & Answers